Threat Detection Engineer

Location: Remote (PDT or MDT locations)
Schedule: Weekend coverage during local daytime hours with a flexible 2 weekdays (4 on / 3 off).
Compensation: $500,000+
Benefits: Excellent benefits package

Introduction
We are a leading global financial technology firm known for innovation, a strong engineering culture, and a commitment to world-class talent and robust risk management. Our success is powered by an ability to be agile, thanks to the dedicated and innovative engineers across all our teams.

We are seeking a talented, motivated Threat Detection Engineer to join our global team. This individual will be a self-starter excited to take on ownership of complex projects with a wide degree of autonomy. This role is unique in its schedule, providing critical weekend coverage during local daytime hours in exchange for a flexible schedule during the work week.

What's the role?
As a Threat Detection Engineer, you will be responsible for designing, implementing, and maintaining systems and logic to identify and neutralize sophisticated cyber threats. You will operate within a high-fidelity Detection-as-Code environment, moving beyond traditional SOC tiers to act as an elite, end-to-end security engineer.

Responsibilities:

  • Detection Engineering: Develop, tune, and deploy high-fidelity detections and rules to prevent threats against the firm's systems using a "Detection-as-Code" philosophy.
  • Incident Response: Respond to and mitigate active incidents and alerts within our security monitoring systems.
  • Threat Hunting: Proactively hunt for sophisticated adversaries targeting our infrastructure by analyzing logging and telemetry.
  • Intelligence Action: Process and action threat intelligence reports, converting attacker TTPs into actionable detections across various tools and languages.
  • Automation & Coding: Contribute to the firm's Python-based ecosystem to automate analysis processes and increase detection accuracy.
  • Business Collaboration: Work with various business units to gain a deep understanding of internal networks to better inform hunting and risk-modeling strategies.
  • Telemetry Analysis: Review and analyze packet captures, media, and network device logs to support risk and detection capabilities.

Qualifications:

  • Education: Bachelor's degree in Computer Science, Computer Engineering, or a related technical field.
  • Programming: Strong proficiency in Python is mandatory for contributing to our D&R codebase.
  • Data Analysis: Experience conducting deep-dive analysis of media, packet captures, and logs. Familiarity with Pandas and Jupyter Notebooks for threat hunting is highly desirable.
  • Technical Breadth: Experience with modern SIEM platforms (Google SecOps preferred) and a variety of 3rd party endpoint, network, and cloud security tools.
  • Communication: Strong interpersonal skills with the ability to communicate complex technical threats to both technical and non-technical stakeholders.
  • Availability: Ability to work a weekend-based schedule (local daytime hours) with flexibility during the week (2 days).

Benefits:

  • Competitive compensation package commensurate with experience.
  • Comprehensive health, dental, and vision insurance.
  • Opportunities for continuous professional development and training.
  • A collaborative and challenging work environment with state-of-the-art technology.

Why You'll Love It Here:
This role offers unparalleled ownership of critical projects. You will be empowered to "do cool things" that directly impact the firm's security posture, leveraging Data Science and advanced engineering to stay ahead of global threats. We pride ourselves on a nimble, engineering-first culture where your contributions are measurable and highly valued.

Ready to Join?
If you are a driven security engineer with deep Python skills and a desire to own the entire threat detection lifecycle at a world-class firm, we encourage you to apply.